I've got a question. There's a technique called "Passing the hash", in which you simply feed the encrypted password into the challenge issued by the server you're trying to hack, rather than decrypt it using a password cracking tool such as L0phtCrack, which takes time and energy. You can then gain access to the server without knowledge of a valid password, just its encrypted hash. That's in theory, anyway. My question is: What if the server has restrictions on it that require the password to be unencrypted? Is there a way around that, or do you have to decrypt the password yourself? Please reply.

beagle wrote: I've got a question. There's a technique called "Passing the hash", in which you simply feed the encrypted password into the challenge issued by the server you're trying to hack, rather than decrypt it using a password cracking tool such as L0phtCrack, which takes time and energy. You can then gain access to the server without knowledge of a valid password, just its encrypted hash. That's in theory, anyway. My question is: What if the server has restrictions on it that require the password to be unencrypted? Is there a way around that, or do you have to decrypt the password yourself? Please reply.

This only works on Windows with NTLM passwords stored by the LSA (local security authority). This is useful for getting access to SMB shares and Terminal Services with stolen password hashes. Most modern networks use Kerberos or a stronger authentication protocol for almost everything, so these types of attacks are becoming less prevalent.
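
An added example, not part of either post: a simplified local model of the NTLMv2 challenge-response calculation, showing that client and server both derive the proof from the stored NT hash and that the plaintext password never enters the exchange, which is why a stored hash has to be protected like the password itself. The account name, domain, hash value and client blob are constructed for illustration, and the blob stands in for the structured client data a real message carries.

```python
import hashlib
import hmac
import os


def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """Per-account key: HMAC-MD5 keyed with the stored NT hash."""
    identity = (user.upper() + domain).encode("utf-16-le")
    return hmac.new(nt_hash, identity, hashlib.md5).digest()


def client_proof(nt_hash: bytes, user: str, domain: str,
                 server_challenge: bytes, client_blob: bytes) -> bytes:
    """Proof the client returns for a given server challenge."""
    key = ntowf_v2(nt_hash, user, domain)
    return hmac.new(key, server_challenge + client_blob, hashlib.md5).digest()


def server_verify(stored_nt_hash: bytes, user: str, domain: str,
                  server_challenge: bytes, client_blob: bytes,
                  proof: bytes) -> bool:
    """The server recomputes the proof from the hash it has on record."""
    expected = client_proof(stored_nt_hash, user, domain,
                            server_challenge, client_blob)
    return hmac.compare_digest(expected, proof)


def demo() -> tuple:
    # Constructed sample values, not taken from any real account.
    stored_hash = bytes.fromhex("00112233445566778899aabbccddeeff")
    wrong_hash = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    user, domain = "alice", "EXAMPLE"
    challenge = os.urandom(8)   # fresh 8-byte server challenge
    blob = os.urandom(16)       # stand-in for the client data blob

    good = client_proof(stored_hash, user, domain, challenge, blob)
    bad = client_proof(wrong_hash, user, domain, challenge, blob)
    # No password appears anywhere: the hash is the only secret input.
    return (server_verify(stored_hash, user, domain, challenge, blob, good),
            server_verify(stored_hash, user, domain, challenge, blob, bad))


if __name__ == "__main__":
    print(demo())
```

Because the hash is the only secret in the calculation, defenses concentrate on keeping hashes out of reach and on moving authentication to Kerberos, as the reply above notes.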